Risk Assessment
Summary
The video discusses three key aspects concerning risk:
Risk = likelihood x impact — To assess risk, we can look at likelihood and impact. Likelihood is the possibility of a potential risk occurring. Impact is the expected harm or adverse effect that may occur due to exposure to such risk.
Risk appetite ≠ risk tolerance — Even though the two terms are sometimes used interchangeably, risk appetite and risk tolerance are not the same. Risk appetite is the overall level of risk an organisation is willing to take. Risk tolerance is the level of risk the organisation is willing to accept for each customer or each transaction. There should always be a zero-tolerance policy for risks that go beyond the company’s risk appetite.
Inherent risk - controls = residual risk — Your inherent risk is the risk of financial crimes that your business faces in the absence of any mitigation strategy. Once you have established your mitigation strategies, you can assess your residual risk, which is your inherent risk minus the controls applied. After identifying these residual risks, you need to decide how to manage them. You have some options: for example, you can avoid the risk, reduce the risk, or simply accept the risk. This last, passive risk management strategy should be considered carefully.